I have several Scriptfiles, which I run daily. The really first time, I run a script, CIS asks my to allow explorer.exe to run wscript.exe, after that, each other script gives no alarm, because wscript.exe stands in the security rules and I find, this is a security hole, because from now, every script can run on my PC without asking!
My whish: I want put in the security rules from expolorer.exe or wscript.exe the names of my script files and every other script must ask again.
I tried to put the complete call for a script (like wscript.exe c:\programs\test.vbs) in the explorer.exe rules, but this doesen’t help.
I tried to put *.vbs in “My protected files”, but no ask for first running scripts.
Is there an option, i do not see, or is this really a security hole?